Several phishing sites are deployed by cybercriminals with the green padlock and https certification. Read on to know more…
The green padlock icon has been associated with security for quite some time. Although Google has abandoned it for its Chrome browser, the icon continues to be considered as an indicator of safety. Criminals are exploiting this belief and branding fraudulent sites with the green padlock icon.
About Green Palock
The green padlock represents that the data exchanged with the website in question is encrypted. Although this represents encryption, the existence of this icon does not mean that every site with this icon is secure. Even when you see the icon, it is always a good practice to check the address bar for typos of legitimate websites to check if you’re accessing a phishing site or not.
Cybercriminals are always raising the bar when it comes to duping their victims. It was once taught to users that the padlock symbol in a web browser’s address bar was a good indicator that a site would be safe. And several users have been conditioned to look for that padlock to measure a website’s trustworthiness.
Perhaps a few years ago, giving users guidance to look for the padlock might have been sound, but that’s been changing in recent years. In fact, it might now be bad advice, because it can lull users into a false sense of security.
Internet users should not blindly trust websites with HTTPS certification and the green padlock as cyber criminals are increasingly using HTTPS in new phishing sites to assure users that such sites are safe to visit when they are actually not.
With cybercriminals looking for new ways to convince victims to click on phishing links, the use of the green padlock icon has shot up. The availability of free certificate services has made this quite easy, especially during the holiday season when scams are on the high along with sales and promotional emails.
The cybercrooks are getting these phishing domains and registering them. Then they are standing up phishing sites on those domains that are essentially clones of the various e-commerce sites to fool the end user into believing they’re on a legitimate e-commerce site.
In reality, the https:// part of the address (also called “Secure Sockets Layer” or SSL) merely signifies the data being transmitted back and forth between your browser and the site is encrypted and can’t be read by third parties. The presence of the padlock does not mean the site is legitimate, nor is it any proof the site has been security-hardened against intrusion from hackers.
Organizations and individual users must do their part to stay protected from this type of fraud. For individual users, the most basic thing to do would be to avoid clicking on suspicious links, especially those that seem too good to be true. Organizations can add a layer of security by scanning for suspicious domains and filtering them out before the employees have a chance to access them. Security experts also recommend monitoring the behavior of password managers. If they refuse to provide saved credentials for sites, this may be an indication of the site not being legitimate.